Network Security Password-based Authentication Protocol Research

With the rapid development of information technology, we have entered the 21st century that tightly associated with information technology. Various information systems has made great contributions to the social civilization, but at the same time network security has become a critical issue that greatly affects all the individuals and organizations as well as the whole country.Identity authentification is the first line of defense, which aims to identify the legitimacy of users and prevent unauthorized users access to the system. Identity authentication plays a very important role. Currently, most information systems used password-based user authentication method, although this method is simple and convenience, but always exits some security deficiencies.SSH (Secure Shell) is a set of protocols for secure remote login and other secure network services defined by Network Working Group of IETF (Internet Engineering Task Force). It has been widely applied and become a de facto standard. Password-based user authentication plays an important role in the applications of SSH used in the remote login and other access from client to server. Secure password-based user authentification is the most important motivation of SSH and have been widely used. In the SSH protocol, the client and the server firstly establish a session key and server's identity is verified. Then the client send encrypted password to the server to proof its identity. With the security analysis of SSH protocols, we point out a potential vulnerability exist in password-based user authentication protocol. Positively we propose a new protocol using implicit method to proof the user's possession of password corresponding to the identification. Our new protocol guarantees higher level of security as well as more effectiveness. We also found out only a few adaptations on SSH proposed standard is enough to support our new password-based user authentication protocol.